Federal agencies warned that cybercriminals are unleashing a wave of data-scrambling extortion attempts against the US healthcare system designed to lock up hospital information systems, which could hurt patient care just as nationwide cases of COVID-19 are spiking, the AP reports. In a joint alert Wednesday, the FBI and two federal agencies warned that they had “credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers.” The alert said malicious groups are targeting the sector with attacks that produce "data theft and disruption of healthcare services." The cyberattacks involve ransomware, which scrambles data into gibberish that can only be unlocked with software keys provided once targets pay up.
Independent security experts say it has already hobbled at least five US hospitals this week, and could potentially impact hundreds more. The offensive by a Russian-speaking criminal gang coincides with the US presidential election, although there is no immediate indication they were motivated by anything but profit. “We are experiencing the most significant cyber security threat we’ve ever seen in the United States,” Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, said in a statement. Alex Holden, CEO of Hold Security, which has been closely tracking the ransomware in question for more than a year, agreed that the unfolding offensive is unprecedented in magnitude for the US. The federal alert was co-authored by the Department of Homeland Security and the Department of Health and Human Services. (Much more here.)